Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2011-4153

EPSS 6.26% · P91
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2011-4153

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
PHP 5.3.8 does not always check the return value of the zend_strndup function, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that performs strndup operations on untrusted string data, as demonstrated by the define function in zend_builtin_functions.c, and unspecified functions in ext/soap/php_sdl.c, ext/standard/syslog.c, ext/standard/browscap.c, ext/oci8/oci8.c, ext/com_dotnet/com_typeinfo.c, and main/php_open_temporary_file.c.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
PHP ‘zend_strndup()’ 拒绝服务漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
PHP(PHP:Hypertext Preprocessor,PHP:超文本预处理器)是PHP Group和开放源代码社区共同维护的一种开源的通用计算机脚本语言。该语言主要用于Web开发,支持多种数据库及操作系统。 PHP在检验zend_strndup()调用的返回值的实现上存在多个拒绝服务漏洞,该漏洞源于空指针解引用。攻击者可以利用这些漏洞导致PHP编写的应用程序崩溃,拒绝为合法用户提供服务。PHP 5.3.8 版本中存在该漏洞,其他版本中也可能受到影响。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2011-4153

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2011-4153

登录查看更多情报信息。

Same Patch Batch · n/a · 2012-01-18 · 80 CVEs total

CVE-2012-0101Oracle MySQL拒绝服务漏洞
CVE-2012-0102Oracle MySQL Server 远程拒绝服务漏洞
CVE-2012-0119Oracle MySQL Server远程拒绝服务漏洞
CVE-2012-0104Oracle GlassFish Enterprise Server远程拒绝服务漏洞
CVE-2012-0105Oracle Virtualization安全漏洞
CVE-2012-0103Oracle Sun Solaris本地拒绝服务漏洞
CVE-2012-0100Oracle Sun Solaris本地权限提升漏洞
CVE-2012-0099Oracle Sun Solaris远程拒绝服务漏洞
CVE-2012-0098Oracle Sun Solaris本地拒绝服务漏洞
CVE-2012-0097Oracle Sun Solaris本地信息泄露漏洞
CVE-2012-0109Oracle Sun Solaris信息泄露和拒绝服务漏洞
CVE-2012-0110Oracle Fusion Middleware安全漏洞
CVE-2012-0111Oracle Virtualization 安全漏洞
CVE-2012-0112Oracle MySQL Server拒绝服务漏洞
CVE-2012-0113Oracle MySQL信息泄露和拒绝服务漏洞
CVE-2012-0114Oracle MySQL Server本地访问安全漏洞
CVE-2012-0115Oracle MySQL远程拒绝服务安全漏洞
CVE-2012-0116Oracle MySQL 信息泄露漏洞
CVE-2012-0117Oracle MySQL Server 远程拒绝服务漏洞
CVE-2012-0118Oracle MySQL 信息泄露漏洞和拒绝服务漏洞

Showing top 20 of 80 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2011-4153

No comments yet

Leave a comment